Amazon Linux 2 : libxml2, --advisory ALAS2-2026-3122 (ALAS-2026-3122)

The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3122 advisory. A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function...

📄 NCR Command Center Agent 16.3 Remote Code Execution

CMCAgent in NCR Command Center Agent version 16.3 on Aloha POS/BOH servers permits the submission of a runCommand parameter within an XML document sent to port 8089 that enables the remote, unauthenticated execution of an arbitrary command as SYSTEM, as exploited in the wild in 2020 and/or 2021...

Linux Distros Unpatched Vulnerability : CVE-2025-3122

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as problematic was found in WebAssembly wabt 1.0.36. Affected by this vulnerability is the function...

CVE-2022-3122

A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file medicinedetails.php. The manipulation of the argument medicine leads to sql injection. The attack may be launched...

CVE-2021-3122

CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of a runCommand parameter within an XML document sent to port 8089 that enables the remote, unauthenticated execution of an arbitrary command as SYSTEM, as exploited in the wild in 2020 and/or 2021. NOTE: th...

CVE-2022-3122

creationtimestamp| type| source ---|---|--- 2025-04-15 13:54:31+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11811...

CVE-2025-3122

A NULL pointer write vulnerability was found in the wabt::interp::anonymous namespace::BinaryReaderInterp::BeginFunctionBody function within glslang. This issue occurs when processing certain files, leading to a potential application crash. Mitigation Mitigation for this issue is either not...

DEBIAN-CVE-2025-3122

A vulnerability classified as problematic was found in WebAssembly wabt 1.0.36. Affected by this vulnerability is the function BinaryReaderInterp::BeginFunctionBody of the file src/interp/binary-reader-interp.cc. The manipulation leads to null pointer dereference. The attack can be launched...

CVE-2025-3122

A vulnerability classified as problematic was found in WebAssembly wabt 1.0.36. Affected by this vulnerability is the function BinaryReaderInterp::BeginFunctionBody of the file src/interp/binary-reader-interp.cc. The manipulation leads to null pointer dereference. The attack can be launched...

CVE-2025-3122

A vulnerability classified as problematic was found in WebAssembly wabt 1.0.36. Affected by this vulnerability is the function BinaryReaderInterp::BeginFunctionBody of the file src/interp/binary-reader-interp.cc. The manipulation leads to null pointer dereference. The attack can be launched...

CVE-2025-3122 WebAssembly wabt binary-reader-interp.cc BeginFunctionBody null pointer dereference

A vulnerability classified as problematic was found in WebAssembly wabt 1.0.36. Affected by this vulnerability is the function BinaryReaderInterp::BeginFunctionBody of the file src/interp/binary-reader-interp.cc. The manipulation leads to null pointer dereference. The attack can be launched...

CVE-2025-3122 WebAssembly wabt binary-reader-interp.cc BeginFunctionBody null pointer dereference

A vulnerability classified as problematic was found in WebAssembly wabt 1.0.36. Affected by this vulnerability is the function BinaryReaderInterp::BeginFunctionBody of the file src/interp/binary-reader-interp.cc. The manipulation leads to null pointer dereference. The attack can be launched...

CVE-2025-3122

CVE-2025-3122 affects WebAssembly wabt 1.0.36. The vulnerability targets BinaryReaderInterp::BeginFunctionBody in src/interp/binary-reader-interp.cc, causing a null pointer dereference. Exploitation can be performed remotely with high attack complexity and a revealed public exploit. The available...

CVE-2020-3122

A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to obtain sensitive network information...

CVE-2020-3122

creationtimestamp| type| source ---|---|--- 2025-03-04 18:32:38+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6397 2025-03-04 22:32:28+00:00| seen| https://t.me/cvedetector/19546...

CVE-2024-3122

CHANGING Mobile One Time Password does not properly filter parameters for the file download functionality, allowing remote attackers with administrator privilege to read arbitrary file on the system...

SUSE SLES12 Security Update : SUSE Manager Client Tools (SUSE-SU-2023:3122-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3122-1 advisory. - Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an...

CVE-2023-3122

The GD Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via email contents in versions up to, and including, 3.9.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...

CVE-2023-3122 GD Mail Queue <= 3.9.3 - Unauthenticated Stored Cross-Site Scripting via Email

The GD Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via email contents in versions up to, and including, 3.9.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...

CVE-2023-3122 GD Mail Queue <= 3.9.3 - Unauthenticated Stored Cross-Site Scripting via Email

The GD Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via email contents in versions up to, and including, 3.9.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...